The source code of SQL combined sensitivity analysis tools is available at pleak-sql-analysis.
Sensitivity analysis is implemented in Haskell, and requires cabal installation as a prerequisite. The analysis tools should work at least with version 220.127.116.11.
Building starts at
pleak-sql-analysis/local-sensitivity-cabal. When building for the first time, a sandbox needs to be initilaized, and the dependencies installed by means of cabal.
cabal sandbox init cabal update cabal install --only-dependencies cabal configure cabal build
is required to rebuild when files have changed. If the building starts giving error messages like
dist/build/banach/banach-tmp/XXXX.o: In function `c4IVe_info': (.text+0x40420): undefined reference to `YYYY_zdsfromList1_info'
it is sufficient to make a formal change in the file XXXX.hs (e.g. add an empty row) to force its re-build.
If dependencies or project structure have changed, then run the configuration again.
cabal install --only-dependencies cabal configure cabal build
Building starts at
pleak-sql-analysis/banach. First, repeat the building procedure using
cabal, exactly in the same way as it was done for local sensitivity part.
PostgreSQL needs to run as a background process on the local machine. The analyzer should work at least with version 9.5.13.
After PostgreSQL has been installed, it is necessary to create a database named 'banach', assuming it will be used only by the sensitivity analyzer. Permissions on 'banach' database need to be given to the user that runs the analyzer. Here is an example of how to do it with Ubuntu system:
USERNAME@xxxx:~$ sudo -u postgres -i
Here the system prompts USERNAME's password.
postgres@xxxx:~$ psql postgres=# create user USERNAME; postgres=# create database USERNAME; postgres=# \q
Now try to log in under USERNAME:
postgres@xxxx:~$ exit logout USERNAME@xxxx:~$ psql psql (9.5.13) Type "help" for help.
Finally, create the database named 'banach'
USERNAME=# create database banach; CREATE DATABASE USERNAME=# \c banach; You are now connected to database "banach" as user USERNAME. USERNAME=# \q
All required components should now have been installed and configured.
The executable is created in the subdirectory
While both local and derivative sensitivity analyzers can be used independently, we can combine their results together, so that both types of distances can be defined for the tables. To enable such analysis, go to
pleak-sql-analysis/banach and give execution permission to the file
sqlsa-quiet located there.
chmod a+x sqlsa-quiet
The derivative sensitivity analyzer will now be able to call the local sensitivity analyzer.
We give some example runs of the analyzers.
dist/build/banach/banach -QDs --db-create-tables demo_schema.sql demo_query.sql demo_constraints.att --epsilon 1.0 --beta 0.1
demo_schema.sqlcontains the database schema
demo_query.sqlcontains the query
demo_constraints.att(allowed to be an empty file) is the description of constraints on table attributes
epsilonis the desired level of differential privacy
T.dbcontains the table data, where the entries are delimited by whitespaces, and the first row contains corresponding attribute names (which should be the same as defined in the schema)
T.nrmcontains the table norm, defined using the syntax described in the analyser advanced settings.
beta are optional. The default
epsilon value is 1, so it is actually reasonable for the user to choose it depending on privacy requirements. The default
beta is chosen in such a way that it is adapted to epsilon, so it is not of great importance.
–db-create-tables reads data from
.db files and stores it to PostgreSQL database. Hence, if the data has already been uploaded once and it has not been updated, there is no need to create the tables again, and
–db-create-tables can be removed.
dist/build/banach/banach -QDsp --db-create-tables demo_schema.sql demo_query.sql demo_constraints.att --policy=demo_attacker_goal.sql --epsilon 0.3
demo_attacker_goal.sqlis the query representing the attacker's goal, i.e. what he is trying to guess with which precision
epsilonis the desired bound on guessing advantage.
dist/build/banach/banach -QDsc --db-create-tables demo_schema.sql demo_query.sql demo_constraints.att --epsilon 1.0 --beta 0.1 --distance-G=1.0
–distance-Gis the default cost of row addition/deletion, overloaded by individual G values given in the table norm
More examples can be found in the subdirectories of
pleak-sql-analysis/banach/lightweight-examples/, where 'test.sh' scripts show how to run these examples.